Keli Grubb
e61e6bc7e3
All checks were successful
ci/woodpecker/push/push Pipeline was successful
## Added - CoT (Cursor on Target) server on port 8089 enabling ATAK/iTAK device connectivity - Support for TAK stream protocol and traditional XML CoT messages - TLS/SSL support with automatic fallback to plain TCP - Username/password authentication for CoT connections - Real-time device position tracking with TTL-based expiration (90s default) - API endpoints: `/api/cot/config`, `/api/cot/server-package`, `/api/cot/truststore`, `/api/me/cot-password` - TAK Server section in Settings with QR code for iTAK setup - ATAK password management in Account page for OIDC users - CoT device markers on map showing real-time positions - Comprehensive documentation in `docs/` directory - Environment variables: `COT_PORT`, `COT_TTL_MS`, `COT_REQUIRE_AUTH`, `COT_SSL_CERT`, `COT_SSL_KEY`, `COT_DEBUG` - Dependencies: `fast-xml-parser`, `jszip`, `qrcode` ## Changed - Authentication system supports CoT password management for OIDC users - Database schema includes `cot_password_hash` field - Test suite refactored to follow functional design principles ## Removed - Consolidated utility modules: `authConfig.js`, `authSkipPaths.js`, `bootstrap.js`, `poiConstants.js`, `session.js` ## Security - XML entity expansion protection in CoT parser - Enhanced input validation and SQL injection prevention - Authentication timeout to prevent hanging connections ## Breaking Changes - Port 8089 must be exposed for CoT server. Update firewall rules and Docker/Kubernetes configurations. ## Migration Notes - OIDC users must set ATAK password via Account settings before connecting - Docker: expose port 8089 (`-p 8089:8089`) - Kubernetes: update Helm values to expose port 8089 Co-authored-by: Madison Grubb <madison@elastiflow.com> Reviewed-on: #6
68 lines
2.0 KiB
JavaScript
68 lines
2.0 KiB
JavaScript
import { existsSync, readFileSync } from 'node:fs'
|
|
import { dirname, join } from 'node:path'
|
|
import { fileURLToPath } from 'node:url'
|
|
|
|
const _dirname = dirname(fileURLToPath(import.meta.url))
|
|
const pkgPath = join(_dirname, 'package.json')
|
|
const pkg = existsSync(pkgPath) ? JSON.parse(readFileSync(pkgPath, 'utf8')) : {}
|
|
const devKey = join(_dirname, '.dev-certs', 'key.pem')
|
|
const devCert = join(_dirname, '.dev-certs', 'cert.pem')
|
|
const useDevHttps = existsSync(devKey) && existsSync(devCert)
|
|
|
|
export default defineNuxtConfig({
|
|
modules: ['@nuxtjs/tailwindcss', '@nuxt/test-utils/module', '@nuxt/icon', '@nuxt/eslint'],
|
|
devtools: { enabled: true },
|
|
app: {
|
|
head: {
|
|
title: 'KestrelOS',
|
|
link: [
|
|
{ rel: 'preconnect', href: 'https://fonts.googleapis.com' },
|
|
{ rel: 'preconnect', href: 'https://fonts.gstatic.com', crossorigin: '' },
|
|
{ rel: 'stylesheet', href: 'https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500;600&display=swap' },
|
|
],
|
|
meta: [
|
|
{ charset: 'utf-8' },
|
|
{ name: 'viewport', content: 'width=device-width, initial-scale=1' },
|
|
{ name: 'description', content: 'Tactical Operations Center for OSINT Feeds' },
|
|
],
|
|
},
|
|
},
|
|
css: ['~/assets/css/main.css'],
|
|
runtimeConfig: {
|
|
public: {
|
|
version: pkg.version ?? '',
|
|
},
|
|
cotTtlMs: 90_000,
|
|
cotRequireAuth: true,
|
|
cotDebug: false,
|
|
},
|
|
devServer: {
|
|
host: '0.0.0.0',
|
|
...(useDevHttps
|
|
? { https: { key: devKey, cert: devCert } }
|
|
: {}),
|
|
},
|
|
future: { compatibilityVersion: 4 },
|
|
compatibilityDate: '2024-11-01',
|
|
nitro: {
|
|
preset: 'node-server',
|
|
serveStatic: true,
|
|
routeRules: {
|
|
'/**': {
|
|
headers: {
|
|
'X-Content-Type-Options': 'nosniff',
|
|
'X-Frame-Options': 'DENY',
|
|
'Referrer-Policy': 'strict-origin-when-cross-origin',
|
|
'Permissions-Policy': 'geolocation=(self), microphone=(self), camera=(self)',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
eslint: {
|
|
config: {
|
|
tooling: true,
|
|
stylistic: true,
|
|
},
|
|
},
|
|
})
|